Streamlined fast and efficient application building and customization systems and methods

ABSTRACT

A system may receive a request from a user to build a custom application specific to an operating system (OS) platform. The system may include an application gateway and the custom application may be a user-customized variation of an application gateway client. The system may prepare a build request and send it to a bonding client running on a work station specific to the OS platform. The bonding client may execute build scripts with user-provided configuration information to create the custom application. Instead of submitting the custom application to a third-party digital distribution platform, the bonding client may store the custom application in a storage location accessible by the system. The system, responsive to the request from the user, may send a response to the computing device, the response containing a link to the storage location of the custom application.

CROSS-REFERENCE TO RELATED APPLICATION(S)

This is a conversion of, and claims a benefit of priority from U.S. Provisional Application No. 62/250,175, filed Nov. 3, 2015, entitled “GATEWAY CLIENT BUILDING AND CUSTOMIZATION SYSTEMS AND METHODS,” the entire disclosure of which is fully incorporated by reference herein, including the appendixes.

TECHNICAL FIELD

This disclosure relates generally to enterprise application development and management. More particularly, this disclosure relates to systems, methods, and computer program products for building and customizing client software for an application gateway in a streamlined, fast, and efficient manner that results in improved user experience.

BACKGROUND OF THE RELATED ART

Today, various computer technologies are used within enterprises and companies alike. In this disclosure, “enterprise” generally refers to an entity such as a company, an organization, or a government agency, rather than individual end users. These technologies produce massive amounts of content, including scanned documents, faxes, emails, search results, office documents, social media content, etc. Enterprise applications, also known as enterprise application software (EAS), refer to a class of computer software used to satisfy such technological needs of an enterprise. To this end, enterprise applications are considered highly complex software systems. They are data-centric, user-friendly, and must meet stringent requirements for security, administration, and maintenance. Examples of enterprise applications may include enterprise resource planning software; groupware systems; e-commerce software such as back-office systems; or standalone applications.

Scalable, distributed, component-based, and often mission-critical, enterprise applications may be deployed on a variety of platforms across enterprise networks, intranets, or the Internet. As enterprises have similar departments and systems in common, enterprise applications are often available as a suite of customizable programs. Generally, the complexity of enterprise applications requires specialist capabilities and specific knowledge to develop and deploy them.

For example, developing an enterprise application for a mobile operating system developed by Apple Inc. (referred to herein as “iOS”) requires knowledge of Apple's development tools, coding environment, and their guidelines. Furthermore, some programming languages (e.g., Swift) for Apple-based platforms (e.g., iOS, OS X, watchOS, and tvOS) are made specifically for iOS and Macs and are required to run on computers with iOS 7 or macOS 10.9 or higher.

An enterprise application thus developed by an application developer for an enterprise to run on a mobile device (e.g., a smart phone that runs on a mobile operating system such as iOS or Android, which is another popular mobile operating system developed by Google) may be submitted by the application developer to a third-party digital distribution platform such as the App Store developed and maintained by Apple Inc. for review, approval, and publication. For applications that are developed with Apple's iOS software development kit (SDK), this review process currently takes an average of two days, from submission to publication (i.e., made available by Apple in the App Store). The App Store allows end users to browse and download applications. From the perspective of an enterprise, the App Store is a third-party application that can act as a generic portal (i.e., access to the App Store is generally open to the public and not specific to the enterprise) through which end users of the enterprise can access, download, and install enterprise-approved enterprise applications. Other third-party digital distribution platforms on the Internet operate in a similar way.

Thus, traditionally, enterprise application development and deployment involve third-party digital distribution platforms on the Internet. However, an enterprise generally has no control over the review process of such a third-party digital distribution platform.

SUMMARY OF THE DISCLOSURE

An object of this disclosure is to streamline enterprise application development and deployment processes such that an enterprise application can be quickly and efficiently developed and deployed to enterprise end users. Another object of this disclosure is to provide a solution for an authorized user of an enterprise to build a custom variation or variations of an enterprise application with as little hardware as a keyboard and a networked computer running a browser application. Yet another object of this disclosure is to provide a solution for building a custom variation or variations of an enterprise application in a fraction of an hour.

According to embodiments disclosed herein, these and other objects may be achieved by implementing a particular method disclosed herein. The method may include receiving, by a system embodied on at least one server machine via a user interface running on a computing device communicatively connected to the system, a request to build a custom application specific to an operating system platform. The method may further comprising preparing a build request containing user-provided configuration information for the custom application; communicating the build request to a bonding client running on a workstation that is specific to the operating system platform; building the custom application specific to the operating system platform on the workstation, the building performed by the bonding client running on the workstation, the building comprising executing build scripts with the user-provided configuration information; and, instead of submitting the custom application to a third-party digital distribution platform, persisting the custom application in a storage location accessible by the system. The system may send the computing device a response containing a link to the storage location of the custom application. A user on the computing device may then use the link to download the custom application and install it on the computing device. The user may also forward the link to other user(s) who can then also download and install the custom application on their devices.

In some embodiments, the method may further comprise determining whether the custom application is to be built in a single application mode or a multi-application mode. This can be a decision that is made by the system based on a user-configurable setting. For example, the build request may contain a user-specified setting that the custom application is to be built to allow an end user to access multiple applications via the customer application. If so, the bonding client running on the workstation that is specific to the operating system platform operates to build the custom application using scripts associated with the multi-application mode.

In some embodiments, the method may further comprise determining whether the custom application is to be built with custom branding assets or default image assets. This can be a decision that is made by the system based on a user-configurable setting. For example, the build request may contain a user-specified setting that the custom application is to be built with custom branding assets such as an icon, a logo, or a launch screen for an enterprise. Otherwise, the custom application may be built with default image assets. The decision as to whether to build the customer application with or without custom branding assets may be made in either the single application mode or the multi-application mode.

In some embodiments, the system may comprise an application gateway. The application gateway may comprise a web access service and a client packager, also referred to herein as a bonding service. The web access service and the bonding service may be part of a plurality of client services provided by the application gateway to computing devices communicatively connected to the application gateway over a network. The web access service may be accessible by each of the computing devices via a browser application. For example, the web access service may provide a packager web client that runs within a browser application on a computing device communicatively connected to the application gateway. Responsive to a request from a user to build a custom application, the packager web client may obtain or otherwise collect information of the requested custom application from the user, prepare a build request with user-provided information, and submit the build request through the web access service of the application gateway. The build request is then communicated to the bonding client via the web access service and the client packager of the application gateway.

In some embodiments, the custom application is a user-customized variation of an application gateway client. The user-customized variation may include custom branding assets specific to an enterprise. Furthermore, in some embodiments, the user-customized variation may also include a mobile device management (MDM) component. The MDM component may be part of a MDM solution used by the enterprise to control enterprise applications running on their mobile devices.

One embodiment comprises a system comprising at least one processor and at least one non-transitory computer-readable storage medium that stores computer instructions translatable by the at least one processor to perform a method substantially as described herein. Another embodiment comprises a computer program product having at least one non-transitory computer-readable storage medium that stores computer instructions translatable by at least one processor to perform a method substantially as described herein. Numerous other embodiments are also possible.

These, and other, aspects of the disclosure will be better appreciated and understood when considered in conjunction with the following description and the accompanying drawings. It should be understood, however, that the following description, while indicating various embodiments of the disclosure and numerous specific details thereof, is given by way of illustration and not of limitation. Many substitutions, modifications, additions and/or rearrangements may be made within the scope of the disclosure without departing from the spirit thereof, and the disclosure includes all such substitutions, modifications, additions and/or rearrangements.

BRIEF DESCRIPTION OF THE DRAWINGS

The drawings accompanying and forming part of this specification are included to depict certain aspects of the invention. A clearer impression of the invention, and of the components and operation of systems provided with the invention, will become more readily apparent by referring to the exemplary, and therefore non-limiting, embodiments illustrated in the drawings, wherein identical reference numerals designate the same components. Note that the features illustrated in the drawings are not necessarily drawn to scale.

FIG. 1 depicts a diagrammatic representation of an example of an enterprise application development and deployment system according to some embodiments.

FIG. 2 shows general processes for developing and deploying a custom application that is a variant of a standard offering.

FIG. 3 depicts a diagrammatic representation of an example of an enterprise application development, deployment, and management platform according to some embodiments.

FIG. 4 depicts a diagrammatic representation of another example of an enterprise application development and deployment system according to some embodiments.

FIG. 5 depicts a diagrammatic representation of yet another example of an enterprise application development and deployment system according to some embodiments.

FIG. 6 is a flow diagram illustrating example user interactions with an enterprise application development and deployment system in generating a build request.

FIG. 7 depicts a diagrammatic representation of a data processing system for implementing some embodiments disclosed herein.

DETAILED DESCRIPTION

The inventive subject matter and the various features and advantageous details thereof are explained more fully with reference to the non-limiting embodiments that are illustrated in the accompanying drawings and detailed in the following description. Descriptions of well-known starting materials, processing techniques, components and equipment are omitted so as not to unnecessarily obscure the invention in detail. It should be understood, however, that the detailed description and the specific examples, while indicating some embodiments of the invention, are given by way of illustration only and not by way of limitation. Various substitutions, modifications, additions and/or rearrangements within the spirit and/or scope of the underlying inventive concept will become apparent to those skilled in the art from this disclosure.

Before delving into more detail regarding the specific embodiments disclosed herein, some brief context may be helpful.

As discussed above, an object of this disclosure is to streamline enterprise application development and deployment processes such that an enterprise application can be quickly and efficiently developed and deployed to enterprise end users. This object can be achieved in a new streamlined fast and efficient application building and customization system such as system 100 illustrated in FIG. 1 . System 100 implements a technical solution for an authorized user of an enterprise to build a custom variation or variations of an enterprise application with as little hardware as networked computer 110 running browser application 105. In this example, networked computer 110 is communicatively connected to client packager 130 over network 120. Network 120 can be any computer network known to those skilled in the art and may include wired, wireless, private, or public networks, including the Internet.

As explained further below, client packager 130 may provide a web-based interface that can be run within browser application 105. Via the web-based interface, the user may request client packager 130 to build a custom application for the enterprise. This custom application may be a variation of an enterprise application provided by an application development platform on which client packager 130 is run. The user can also provide customization details about the custom application to client packager 130. User input 101 containing these customization details is communicated to client packager 130 over network 120. In turn, client packager 130 builds the requested custom application using user input 101 and stores the custom application in application repository 150. The custom application thus built by client packager 130 may reside at a particular storage location in application repository 150. Client packager 130 prepares and sends response 140 that contains a link to the particular storage location where the requested custom application resides. The response can be in one or more suitable forms, for instance, an email, a message, a notification, etc. The user can use the link in response 140 to retrieve/download the custom application built by client packager 130 and install it on networked computer 110. The whole process—from sending a request to client packager 130 via browser application 105 to receiving response 140—takes a fraction of an hour (T1). In some cases, T1 can be as little as about five minutes or less than 10% of an hour. This streamlined approach provides a significant reduction in time and efficiency over the traditional application development and deployment cycle.

As illustrated in FIG. 2 , in today's application development and deployment cycle, an application developer may develop or create a standard version of an application (“standard offering”), submit the standard offering to a third-party digital distribution platform such as the App Store discussed above, wait for the operator of the App Store to review, approve, and publish the standard offering in the App Store, and then direct end users to the App Store to download and install the standard offering on their devices. This process (A) can take months, if not weeks, and the third-party review process alone currently takes about two days.

To create a variant of the standard offering (e.g., an enterprise version of the standard offering), the application developer may again create the variant, submit the variant to the App Store, wait for the operator of the App Store to review, approve, and publish the variant in the App Store, and then direct enterprise users to the App Store to download and install the variant on their devices. Like Process A, this process (B) can take months, if not weeks, and the third-party review process is outside of the control of the enterprise and any of its developers. Process B can be repeated for each desired variant of the standard offering. If each Process B takes a certain amount of time (T3), each T3 taking multiple weeks or months, then 5 variants can take 5 times T3 to complete. Embodiments can streamline application development and deployment processes in an intelligent and effective manner, making them significantly more efficient and faster than existing application development and deployment solutions such that T1 is a mere fraction of T3.

As illustrated in FIG. 3 , application gateway 310 refers to the server-side component of enterprise application development, deployment, and management platform (referred to herein as “platform”) 300. AppWorks (available from Open Text) is a non-limiting example of platform 300.

In some embodiments, Application gateway 310 may be embodied on one or more server machines. In the example illustrated, application gateway 310 is implemented as part of web server 320. Skilled artisans appreciate that web servers generally reside in front (or outside) of a firewall that protects complex enterprise-class systems such as backend systems 360 shown in FIG. 3 . Examples of backend systems 360 may include a content server, OpenText Enterprise Information Management (EIM) Suite, etc.

The client-side component is represented by managed containers 330 in the example of FIG. 3 . In this disclosure, a managed container refers to a special computer program that can function as a client of the application gateway (and hence is also referred to herein as application gateway client software or AG clients).

Managed containers 330 may be embodied on computing devices 340. Computing devices 340 may run on various operating systems including, but not limited to, mobile operation systems such as iOS, Android, etc.

In some embodiments, application gateway applications (or AG apps) 355 may refer to particular enterprise applications that are written in standard web technologies such as HyperText Markup Language Version 5 (HTML5), JavaScript, Cascading Style Sheets Level 3 specification (CSS3), etc. AG apps 355 may be hosted and/or required by backend systems 360.

As an example, managed container 330 may provide a secure shell for AG app 355 received from application gateway 310, store AG app 355 and data associated with AG app 355 in a managed cache of managed container 330, and control the managed cache in accordance with a set of rules propagated from backend system 360 to managed container 330 via application gateway 310. All or some of the set of rules may reside on computing device 340, backend system 360, application gateway 310, or a combination thereof. More details on enterprise application development, deployment, and management platform 300 can be found in U.S. Patent Application Publication No. 2015/0088934, published Mar. 26, 2015, entitled “HOSTED APPLICATION GATEWAY ARCHITECTURE WITH MULTI-LEVEL SECURITY POLICY AND RULE PROMULGATIONS,” which is fully incorporated by reference herein.

In some embodiments, application gateway 310 provides a framework that allows enterprise customers and affiliates connect to backend systems 360. In some embodiments, all network traffic to and from backend systems 360 goes through application gateway 310 which, as discussed above, may reside in front (or outside) of the firewall that protects backend systems 360. This is possible because all managed containers 330 can be securely managed via application gateway 310.

In some embodiments, application gateway 310 manages a plurality of client services 370 and AG apps 355 deployed in platform 300. In some embodiments, client services 370 are RESTful services and can support various authentication methods through identity services 380. In some embodiments, client identities may be authenticated using identity service providers 390. In one embodiment, identity service providers 390 may include the OpenText Directory Services (OTDS).

In some embodiments, application gateway 310 may utilize client services 370 to communicate with backend system 360. Customers of application gateway 310 can also create their own services to enable AG applications 355 running inside managed containers (AG clients) 330 to connect to their own backend systems.

In some embodiments, client services 370 can include software modules that are written in Java and that connect to backend systems 360. Client services connecting to third-party networked computer systems are also possible.

In some embodiments, each client service 370 can expose an application programming interface (API) that can run on (e.g., is compatible with) platform 300 and that can be consumed by AG apps 355 that run inside AG clients 330. Non-limiting examples of client services 370 may include the following:

-   -   Assignments Service (Content Server)     -   Workflow Service (Content Server)     -   Favorites Service (Content Server)     -   Content Service (Content Server, Document Management)     -   Document Conversion Service (Content Server, ECM Everywhere)     -   Web Access Service (Common Header)     -   Insight (Analytics)

Web Access Service can be a single entry point for managing and accessing applications that require running in a browser. In some embodiments, each client service 370 is accompanied with a web application for the configuration of the client service itself.

As discussed above, AG apps 355 can be HTML 5, CSS, and/or JavaScript applications stored in an application repository such as database 350. When deployed (e.g., by application gateway 310), they run within AG client 330, if web access is not required. AG clients 330 are native applications (native to each of computing devices 340) that can host and launch AG apps 355. AG clients 330 can do so by communicating with application gateway 310 via client services 370 at runtime to download and install AG apps 355 into computing devices 340. Because they are written in standard web technologies, AG apps 355 are by definition cross-platform (or platform-independent), written once, and available to multiple users on various types of computing devices such as mobile devices, smart phones, tablets, etc. as well as through web browsers and desktop computers running on various operating systems, all from a single code base. By contrast, AG clients 330 are operating system platform-specific. Non-limiting examples of operating system platforms on which AG clients 330 may run may include iOS, Android, BlackBerry, etc.

In some embodiments, AG clients 330 are managed through an administration tool of application gateway 310 and can be rebranded, each with its own application name, icon, and digital assets such as graphics, color scheme, and certificate. Within application gateway 310, the administration tool can be used to push AG apps 355 to a particular AG client 330, based on the name of the client software. This means that not all AG clients 330 may display the same AG apps 355, even when they connect to the same server. Also, AG apps 355 can be made available to certain groups of users or individually named users.

Embodiments disclosed herein provide a new tool referred to herein as the “Client Packager” that enables customers of application gateway 310 and affiliates to rebrand AG clients 330 or any variant of a standard offering of platform 300. FIG. 4 depicts a diagrammatic representation of an example of Client Packager 400 built on AppWorks platform (which is an example of platform 300 described above).

In the example illustrated, a user (e.g., an administrator of an enterprise) may log in to an administration tool of application gateway 410 and select a function “Client Build” provided by the administration tool to build a custom version of a client program (e.g., managed container 330 of FIG. 3 ) of application gateway 410. In one embodiment, bonding Service 430 can be a RESTful AppWorks service, deployed in the AppWorks Gateway, to coordinate client build requests. Client build requests are created in an accompanied web application which launches in web access service 412, for instance, AppWorks Web Access service. Once data is collected from a user who requests a client build, they are stored in database 450 as a configuration file for that client build. In one embodiment, this can be an XML file. There can be one client build configuration file per a build request. Bonding client 490 can retrieve the stored build request with the associated artifacts from database 450.

The user will also see any work that they created (e.g., to re-run or modify, etc.), so the data can again be pulled from the database.

In some embodiments, web access service 412 can be used to launch bonding service web application 430 to create a build request. The bonding service web application provides the user interface (UI) for users to enter details to create a client build request.

In some embodiments, examples of build properties that may be specified via the UI may include, but are not limited to:

-   a. Runtime Name—Specifies a name to build a client deployment     package. -   b. App Name—Specifies a display name to build a client deployment     package. -   c. App Version—Specifies a version number to build a client     deployment package. -   d. Wrapping SDK—Optional. Specifies a Mobile Device Management (MDM)     SDK to wrap the client deployment package. Default value is “None”     for not applying MDM wrapping. In one embodiment, this property is     enabled if the “iOS Enterprise” or “Android” target is selected. -   e. Server Address—Optional. Specifies an application gateway server     universal resource locator (URL) for the client to bypass user     profile creation. The bonding client (e.g., bonding client 490)     created client allows users to create a profile at runtime if no     Server Address is specified. -   f. Targets—Specifies one of the following values for the target     build:     -   i. iOS App Store—Create an iOS deployment package for iOS app         store submission.     -   ii. iOS Enterprise—Create an iOS deployment package for         enterprise distribution.     -   iii. Android—Create an Android deployment package. -   g. Code Versions—Specify the source code version to build a client.

Examples of certificates and identifiers that may be specified via the UI may include, but are not limited to:

-   -   a. Provisioning Profile—Specifies the iOS Provisioning Profile         for the iOS deployment package.     -   b. Application Identifier—Specifies the application identifier         for the iOS deployment package. In one embodiment, an iOS         application identifier is in the following format: {bundle         prefix}.{bundle id}         -   where {bundle.prefix} is the iOS developer team ID and             {bundle.id} is the bundle identifier for iOS distribution.

-   c. Signing Identity—Specifies the Common Name (CN) in the iOS     deployment package signing certificate.

-   d. Certificates—Specifies the iOS deployment package signing     certificate.

-   e. Certificate Password—Specifies the iOS deployment package signing     certificate password.

Examples of assets that may be specified via the UI may include, but are not limited to:

Assets

a. UI Colours

b. iOS Icons

c. iOS Logo and Launch Screen

d. Android Assets

Each client build request is persisted in database 450 using, for instance, the Java Persistence API. AppWorks services can optionally have server-side web applications via web access service 412.

In some embodiments, bonding client 490 refers to a multi-threaded Java console application installed and runs in a Mac OSX workstation. Bonding client 490 is run in a Mac OSX workstation for the compilation of the AppWorks iOS Client, since Apple iOS applications can only be compiled in Apple hardware.

On start-up, bonding client 490 loads a property file (server configuration 498) to configure its runtime behavior and create the specified number of builder threads to poll client build requests created in application gateway 410. An example of a property file (bonding-listener.properties) may specify the following property keys:

-   build.command.init—Specifies the command to initialize a new client     build. -   build.command.execute—Specifies the command to execute a client     build -   build.command.clean—Specifies the command to clean up after a client     build is completed. -   key—Specifies the trusted server key created in the application     gateway for the bonding client -   server.url—Specifies the application gateway base URL. -   polling.period.ms—Specifies a value in millisecond to poll the     bonding service for build requests. Default to 20000. -   build.timeout—Specifies a period in millisecond to terminate a     client build. Default to 600000. -   build.thread—Specifies the number of builder threads to process     client build requests. Default to 8. -   assets.zip.path—Specifies the local path to place the download     assets.zip file downloaded from the bonding service. -   results.ios.path—Specifies the path where an iOS App Store build zip     package will be created. -   results.ipa.path—Specifies the path where the iOS application     archive file for the “iOS App Store” build is created. -   results.ent.path—Specifies the path where the iOS application     archive file for the “iOS Enterprise” build is created.

The application building process is controlled by executing build scripts 495 (e.g., OSX shell scripts) to create the selected version of the client application from a local source code cache (e.g., local cache 496).

To run build scripts 495, bonding listener 492 may instantiate multiple AG client application builders (threads) 494. As a non-limiting example, bonding listener 492 of bonding client 490 (installed on the Mac OSX workstation) may include the following:

-   bonding-client.jar—a bonding client Java archive file. -   bonding-client.log—a bonding client runtime log file. -   build.sh—This shell script is executed to create the client build. -   clean.sh—This shell script is executed to clean up the     “post_bonding” folder when a client build is completed. -   config.sh—This shell script is invoked by other build scripts to     configure the environment to create a client build. -   init.sh—This shell script is executed first to initialize a client     build. -   post_bonding—The specified version of the client source code is     copied to the post_bonding sub-directory to execute the client     build. -   pre_bonding—The pre_bonding sub-directory is used as a local source     code cache for the different versions of the clients (e.g., managed     container 330 of FIG. 3 ).

Successfully created client deployment package 455 is then uploaded to application gateway 410 via bonding service 430.

FIG. 5 depicts a diagrammatic representation of another example of Client Packager 500 built on AppWorks platform (which is an example of platform 300 described above with reference to FIG. 3 ). Client Packager 500 differs from Client Packager 400 described above with reference to FIG. 4 as follows:

Single Application and Multi-Application Client Build—enterprise-approved applications are stored in database 550. At run time, these applications can be pushed via application gateway 510 down to user devices (e.g., user device 503) according to the user's (e.g., user 501) permissions. The application gateway client applications (also referred to herein as AG clients) built by Client Packager 500 are managed containers for the enterprise-approved applications that users are allowed to access. Client Packager 500 may allow AG clients be built in the single application mode or multi-application mode. In the multi-application mode, end users can select the enterprise-approved applications they wish to run after authentication. In the single application mode, end users are taken directly to the configured applications after authentication in the AG client.

Build Request Queue—In some embodiments, build request queue 540 can be a Java Message Service (JMS) message queue, such as ActiveMQ, used by application gateway 510 to queue client build requests generated by packager web client 507. Packager web client 507 may be provided via web access service 512 over network 520 and accessible by users (e.g., user 501) via browser 505 running on their devices (e.g., user device 503). As an example, responsive to a request from user 501 to create/build a custom application, packager web client 507 may obtain or otherwise collect information (e.g., configuration details such as the name of the requested custom application and/or branding information, if desired) from the user, prepare a build request with user-provided information, and submit the build request through web access service 512 of application gateway 510, as illustrated in FIG. 5 . The build request is then communicated from web access service 512 to bonding service 530 which then adds the build request to build request queue 540 serviced by bonding client 590. In some embodiments, build request queue 540 can be configured using a point-to-point channel to ensure that only one bonding client 590 receives a client build request.

Bonding Client Running as an OSX Daemon—In some embodiments, a Java service wrapper can be used to run bonding client 590 as an OSX daemon to avoid any manual re-start after reboot. Bonding client 590 may comprise bonding listener 592 and AG client application builders 594 similar to bonding listener 492 and AG client application builders 494 described above. Furthermore, server configuration 598 for bonding client 590 may be similar to server configuration 498 for bonding client 490 described above.

Gradle Build Scripts—In some embodiments, Client Packager 500 may use Gradle build scripts 597 as opposed to the OSX shell scripts described above. The Gradle Domain Specific Language (DSL) enables the build logics to move out of the bonding client source code.

Gradle Custom Plugin for MDM Support—In some embodiments, Client Packager 500 may use Gradle custom plugin 593, via Gradle build tool 591, to avoid having to edit build scripts 597 for new mobile device management (MDM) software development kit (SDK) support 595. In some embodiments, MDM SDK support 595 can be implemented as custom tasks in custom plugin 593. In some embodiments, custom plugin 593 can be implemented in the Gradle Groovy language to allow Gradle to compile, test, and make the custom plugin available in build scripts 597.

Retrieve AG Client Source Code from Source Code repository 580—In some embodiments, bonding client 590 may synchronize the local working copy of the AG client source code at a specified interval.

Successfully created client deployment package 555 (a customized version of the AG client application, referred to herein as “custom app”) is then uploaded to application gateway 510 via bonding service 530.

When deployed, custom app 555 can act as a multi-application managed container for application gateway 510 and can host any number of enterprise-approved applications deployed at application gateway 510. In some embodiments, however, custom app 555 may be configured to hold a single application at most and hides all its multi-application features. Building custom app 555 to operate in a single-application mode, as opposed to multi-application mode, can entail utilizing user input received via web access service 512 illustrated in FIG. 5 . The single-application mode can configure code for custom app 555 to be dedicated to a single enterprise-approved application when run on a user device. When custom app 555 is configured in this way (at the build stage by Client Packager 500), the end user of the enterprise-approved application is unaware that custom app 555 could host multiple applications. Advantageously, the single application can be branded within custom app 555 to appear to the end user as a native application.

FIG. 6 is a flow diagram illustrating one example of user interactions with Client Packager 500 via a web-based user interface. When a user wants to create a custom version of a managed container, the user may direct their browser to a Client Packager web UI (605). The Client Packager web UI may be configured to run in single-application mode 610 or multi-application mode 620 (615). In single-application mode 610, a decision is made as to whether the desired single application is to be customized with branding information (612). If so, the user is prompted to add allowed assets such as image assets, logo(s), icon(s), etc. associated with a particular enterprise (614). Otherwise, default image assets are used (616). The user is also prompted to provide a name of the target desired single application (618). When the single-application mode is checked, the web access service, via the Client Packager web UI, adds the custom assets specified by the user to a client theme property list (625). The web access service then prepares a build request accordingly and submits same to the bonding service of the Client Packager (635). Likewise, in multi-application mode 620, a decision is made as to whether the desired single application is to be customized with branding information (622). If so, the user is prompted to add allowed assets such as image assets, logo(s), icon(s), etc. associated with a particular enterprise (624). Otherwise, default image assets are used (626). Unlike in single-application model 610, however, the user is not prompted to provide a name of an application or required to specifically select the multi-application mode. In this case, the web access service, via the Client Packager web UI, automatically adds the custom assets specified by the user, if any, to a client theme property list (625). The web access service then prepares a build request accordingly and submits same to the bonding service of the Client Packager (635), as described above.

In some embodiments, the user not only has the option to give a custom application a different name, change the branding, change the effects, make it a single use mode if the user wants to do so, but the user also has the option of choosing (e.g., via a pull down or up menu or popup window) from a list of MDM vendors within the Client Packager web UI (e.g., packager web client 507). When the user selects an MDM vendor from the list and selects the “build” function, the Client Packager will build the custom version with all of the user's branding customizations as well as the selected MDM SDK functionality, for instance, utilizing build scripts 597 in a build process described above.

FIG. 7 depicts a diagrammatic representation of a data processing system for implementing some embodiments disclosed herein. As shown in FIG. 7 , data processing system 700 may include one or more central processing units (CPU) or processors 701 coupled to one or more user input/output (I/O) devices 702 and memory devices 703. Examples of I/O devices 702 may include, but are not limited to, keyboards, displays, monitors, touch screens, printers, electronic pointing devices such as mice, trackballs, styluses, touch pads, or the like. Examples of memory devices 703 may include, but are not limited to, hard drives (HDs), magnetic disk drives, optical disk drives, magnetic cassettes, tape drives, flash memory cards, random access memories (RAMs), read-only memories (ROMs), smart cards, etc. Data processing system 700 can be coupled to display 706, information device 707 and various peripheral devices (not shown), such as printers, plotters, speakers, etc. through I/O devices 702. Data processing system 700 may also be coupled to external computers or other devices through network interface 704, wireless transceiver 705, or other means that is coupled to a network such as a local area network (LAN), wide area network (WAN), or the Internet. The backend servers and client devices described above may each be a data processing system that is the same as or similar to data processing system 700. Additionally, functional components necessary to implement embodiments disclosed herein may reside on one or more data processing systems that are the same as or similar to data processing system 700.

Those skilled in the relevant art will appreciate that the invention can be implemented or practiced with other computer system configurations, including without limitation multi-processor systems, network devices, mini-computers, mainframe computers, data processors, and the like. The invention can be embodied in a computer or data processor that is specifically programmed, configured, or constructed to perform the functions described in detail herein. The invention can also be employed in distributed computing environments, where tasks or modules are performed by remote processing devices, which are linked through a communications network such as a LAN, WAN, and/or the Internet. In a distributed computing environment, program modules or subroutines may be located in both local and remote memory storage devices. These program modules or subroutines may, for example, be stored or distributed on computer-readable media, including magnetic and optically readable and removable computer discs, stored as firmware in chips, as well as distributed electronically over the Internet or over other networks (including wireless networks). Example chips may include Electrically Erasable Programmable Read-Only Memory (EEPROM) chips. Embodiments discussed herein can be implemented in suitable instructions that may reside on a non-transitory computer readable medium, hardware circuitry or the like, or any combination and that may be translatable by one or more server machines.

Although the invention has been described with respect to specific embodiments thereof, these embodiments are merely illustrative, and not restrictive of the invention. The description herein of illustrated embodiments of the invention, including the description in the Abstract and Summary, is not intended to be exhaustive or to limit the invention to the precise forms disclosed herein (and in particular, the inclusion of any particular embodiment, feature or function within the Abstract or Summary is not intended to limit the scope of the invention to such embodiment, feature or function). Rather, the description is intended to describe illustrative embodiments, features and functions in order to provide a person of ordinary skill in the art context to understand the invention without limiting the invention to any particularly described embodiment, feature or function, including any such embodiment feature or function described in the Abstract or Summary. While specific embodiments of, and examples for, the invention are described herein for illustrative purposes only, various equivalent modifications are possible within the spirit and scope of the invention, as those skilled in the relevant art will recognize and appreciate. As indicated, these modifications may be made to the invention in light of the foregoing description of illustrated embodiments of the invention and are to be included within the spirit and scope of the invention. Thus, while the invention has been described herein with reference to particular embodiments thereof, a latitude of modification, various changes and substitutions are intended in the foregoing disclosures, and it will be appreciated that in some instances some features of embodiments of the invention will be employed without a corresponding use of other features without departing from the scope and spirit of the invention as set forth. Therefore, many modifications may be made to adapt a particular situation or material to the essential scope and spirit of the invention.

Reference throughout this specification to “one embodiment”, “an embodiment”, or “a specific embodiment” or similar terminology means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment and may not necessarily be present in all embodiments. Thus, respective appearances of the phrases “in one embodiment”, “in an embodiment”, or “in a specific embodiment” or similar terminology in various places throughout this specification are not necessarily referring to the same embodiment. Furthermore, the particular features, structures, or characteristics of any particular embodiment may be combined in any suitable manner with one or more other embodiments. It is to be understood that other variations and modifications of the embodiments described and illustrated herein are possible in light of the teachings herein and are to be considered as part of the spirit and scope of the invention.

In the description herein, numerous specific details are provided, such as examples of components and/or methods, to provide a thorough understanding of embodiments of the invention. One skilled in the relevant art will recognize, however, that an embodiment may be able to be practiced without one or more of the specific details, or with other apparatus, systems, assemblies, methods, components, materials, parts, and/or the like. In other instances, well-known structures, components, systems, materials, or operations are not specifically shown or described in detail to avoid obscuring aspects of embodiments of the invention. While the invention may be illustrated by using a particular embodiment, this is not and does not limit the invention to any particular embodiment and a person of ordinary skill in the art will recognize that additional embodiments are readily understandable and are a part of this invention.

Embodiments discussed herein can be implemented in a computer communicatively coupled to a network (for example, the Internet), another computer, or in a standalone computer. As is known to those skilled in the art, a suitable computer can include a central processing unit (“CPU”), at least one read-only memory (“ROM”), at least one random access memory (“RAM”), at least one hard drive (“HD”), and one or more input/output (“I/O”) device(s). The I/O devices can include a keyboard, monitor, printer, electronic pointing device (for example, mouse, trackball, stylus, touch pad, etc.), or the like.

ROM, RAM, and HD are computer memories for storing computer-executable instructions executable by the CPU or capable of being compiled or interpreted to be executable by the CPU. Suitable computer-executable instructions may reside on a computer readable medium (e.g., ROM, RAM, and/or HD), hardware circuitry or the like, or any combination thereof. Within this disclosure, the term “computer readable medium” Is not limited to ROM, RAM, and HD and can include any type of data storage medium that can be read by a processor. For example, a computer-readable medium may refer to a data cartridge, a data backup magnetic tape, a floppy diskette, a flash memory drive, an optical data storage drive, a CD-ROM, ROM, RAM, HD, or the like. The processes described herein may be implemented in suitable computer-executable instructions that may reside on a computer readable medium (for example, a disk, CD-ROM, a memory, etc.). Alternatively, the computer-executable instructions may be stored as software code components on a direct access storage device array, magnetic tape, floppy diskette, optical storage device, or other appropriate computer-readable medium or storage device.

Any suitable programming language can be used to implement the routines, methods or programs of embodiments of the invention described herein, including C, C++, Java, JavaScript, HTML, or any other programming or scripting code, etc. Other software/hardware/network architectures may be used. For example, the functions of the disclosed embodiments may be implemented on one computer or shared/distributed among two or more computers in or across a network. Communications between computers implementing embodiments can be accomplished using any electronic, optical, radio frequency signals, or other suitable methods and tools of communication in compliance with known network protocols.

Different programming techniques can be employed such as procedural or object oriented. Any particular routine can execute on a single computer processing device or multiple computer processing devices, a single computer processor or multiple computer processors. Data may be stored in a single storage medium or distributed through multiple storage mediums, and may reside in a single database or multiple databases (or other data storage techniques). Although the steps, operations, or computations may be presented in a specific order, this order may be changed in different embodiments. In some embodiments, to the extent multiple steps are shown as sequential in this specification, some combination of such steps in alternative embodiments may be performed at the same time. The sequence of operations described herein can be interrupted, suspended, or otherwise controlled by another process, such as an operating system, kernel, etc. The routines can operate in an operating system environment or as stand-alone routines. Functions, routines, methods, steps and operations described herein can be performed in hardware, software, firmware or any combination thereof.

Embodiments described herein can be implemented in the form of control logic in software or hardware or a combination of both. The control logic may be stored in an information storage medium, such as a computer-readable medium, as a plurality of instructions adapted to direct an information processing device to perform a set of steps disclosed in the various embodiments. Based on the disclosure and teachings provided herein, a person of ordinary skill in the art will appreciate other ways and/or methods to implement the invention.

It is also within the spirit and scope of the invention to implement in software programming or code an of the steps, operations, methods, routines or portions thereof described herein, where such software programming or code can be stored in a computer-readable medium and can be operated on by a processor to permit a computer to perform any of the steps, operations, methods, routines or portions thereof described herein. The invention may be implemented by using software programming or code in one or more digital computers, by using application specific integrated circuits, programmable logic devices, field programmable gate arrays, optical, chemical, biological, quantum or nanoengineered systems, components and mechanisms may be used. The functions of the invention can be achieved in many ways. For example, distributed, or networked systems, components and circuits can be used. In another example, communication or transfer (or otherwise moving from one place to another) of data may be wired, wireless, or by any other means.

A “computer-readable medium” may be any medium that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, system or device. The computer readable medium can be, by way of example only but not by limitation, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, system, device, propagation medium, or computer memory. Such computer-readable medium shall be machine readable and include software programming or code that can be human readable (e.g., source code) or machine readable (e.g., object code). Examples of non-transitory computer-readable media can include random access memories, read-only memories, hard drives, data cartridges, magnetic tapes, floppy diskettes, flash memory drives, optical data storage devices, compact-disc read-only memories, and other appropriate computer memories and data storage devices. In an illustrative embodiment, some or all of the software components may reside on a single server computer or on any combination of separate server computers. As one skilled in the art can appreciate, a computer program product implementing an embodiment disclosed herein may comprise one or more non-transitory computer readable media storing computer instructions translatable by one or more processors in a computing environment.

A “processor” includes any, hardware system, mechanism or component that processes data, signals or other information. A processor can include a system with a central processing unit, multiple processing units, dedicated circuitry for achieving functionality, or other systems. Processing need not be limited to a geographic location, or have temporal limitations. For example, a processor can perform its functions in “real-time,” “offline,” in a “batch mode,” etc. Portions of processing can be performed at different times and at different locations, by different (or the same) processing systems.

It will also be appreciated that one or more of the elements depicted in the drawings/figures can also be implemented in a more separated or integrated manner, or even removed or rendered as inoperable in certain cases, as is useful in accordance with a particular application. Additionally, any signal arrows in the drawings/figures should be considered only as exemplary, and not limiting, unless otherwise specifically noted.

As used herein, the terms “comprises,” “comprising,” “includes,” “including,” “has,” “having,” or any other variation thereof, are intended to cover a non-exclusive inclusion. For example, a process, product, article, or apparatus that comprises a list of elements is not necessarily limited only those elements but may include other elements not expressly listed or inherent to such process, product, article, or apparatus.

Furthermore, the term “or” as used herein is generally intended to mean “and/or” unless otherwise indicated. For example, a condition A or B is satisfied by any one of the following: A is true (or present) and B is false (or not present), A is false (or not present) and B is true (or present), and both A and B are true (or present). As used herein, including the claims that follow, a term preceded by “a” or “an” (and “the” when antecedent basis is “a” or “an”) includes both singular and plural of such term, unless clearly indicated within the claim otherwise (i.e., that the reference “a” or “an” clearly indicates only the singular or only the plural). Also, as used in the description herein and throughout the claims that follow, the meaning of “in” includes “in” and “on” unless the context clearly dictates otherwise. The scope of the present disclosure should be determined by the following claims and their legal equivalents. 

What is claimed is:
 1. A method, comprising: providing, by an application gateway embodied on a server machine in a network, a web client of the application gateway through a user interface running on a computing device communicatively connected without any firewall to the application gateway; receiving, by the web client of the application gateway from the computing device, configuration information that specifies an operating system platform and a selected version of a custom client application of the application gateway, the application gateway operating outside a firewall that protects a backend system, wherein the selected custom client application thus created is a customized managed container having a managed cache for holding one or more application gateway (AG) applications received from the application gateway and configured for providing a secure shell on a user device specific to the operating system for securely connecting the one or more AG applications in the managed cache to the backend system through the application gateway; receiving, by the managed container via the application gateway, a set of rules propagated from the backend system, the set of rules comprising: a data storage rule for controlling storage of data associated with the selected custom client application received from the computing device; a data policy rule for controlling access to the data associated with the selected custom client application received from the computing device; and an update rule for controlling update of the data associated with the selected custom client application received from the computing device; controlling the managed cache of the customized managed container in accordance with the received set of rules propagated from the backend system; preparing, by the web client of the application gateway based on the configuration information, a build request for building the customized managed container, the build request containing build properties for building the customized managed container specific to the operating system platform, the build properties including a source code version information for the customized managed container; communicating, by the application gateway, the build request containing the source code version information to a bonding client running on a workstation in the network, the workstation specific to the operating system platform; retrieving, by the bonding client from a repository based on the source code version information contained in the build request, a version of application gateway client source code; placing, by the bonding client, the version of the application gateway client source code in a local cache; building, by the bonding client, the customized managed container specific to the operating system platform, the building including running an application building process that is controlled by the bonding client running on the workstation, the application building process comprising executing a plurality of build scripts in accordance with the configuration information, wherein executing the plurality of build scripts in accordance with the configuration information creates the customized managed container specific to the operating system platform from the version of the application gateway client source code in the local cache, wherein the customized managed container is built in a multi-application mode to allow an end user of the customized managed container to access multiple applications via the customized managed container; uploading, by the bonding client, the customized managed container specific to the operating system platform to the application gateway for persisting the customized managed container specific to the operating system platform in a storage location accessible by the application gateway; and sending, by the application gateway, a response to the computing device, the response containing a link to the storage location of the customized managed container of the application gateway.
 2. The method according to claim 1, further comprising: determining, by the application gateway, whether the customized managed container is to be built with custom branding assets or default image assets.
 3. The method according to claim 2, wherein the custom branding assets comprise at least one of an icon, a logo, or a launch screen for an enterprise.
 4. The method according to claim 1, wherein the application gateway comprises a web access service and a bonding service, wherein the user interface runs in a browser application on the computing device, the web access service providing a packager web client accessible through the browser application on the computing device, the build request prepared by the packager web client and communicated to the bonding client through the web access service and the bonding service of the application gateway.
 5. The method according to claim 1, wherein the customized managed container comprises branding assets specific to an enterprise.
 6. The method according to claim 5, wherein the customized managed container further comprises a mobile device management component specific to the enterprise.
 7. A system, comprising: an application gateway on a server machine in a network; and a bonding client on a workstation in the network; the server machine having: a processor; a non-transitory computer-readable medium; and stored instructions translatable by the processor to cause the application gateway to perform: providing a web client of the application gateway through a user interface running on a computing device communicatively connected without any firewall to the application gateway; receiving, by the web client of the application gateway from the computing device, configuration information that specifies an operating system platform and a user-selected version of a custom client application of the application gateway, the application gateway operating outside a firewall that protects a backend system, wherein the user-selected version of the custom client application thus created is a customized variation of a managed container having a managed cache for holding one or more application gateway (AG) applications received from the application gateway and configured for providing a secure shell on a user device specific to the operating system platform for securely connecting the one or more AG applications in the managed cache to the backend system through the application gateway; receiving, via the application gateway, a set of rules propagated from the backend system, the set of rules comprising: a data storage rule for controlling storage of data associated with the selected custom client application received from the computing device: a data policy rule for controlling access to the data associated with the selected custom client application received from the computing device; and an update rule for controlling update of the data associated with the selected custom client application received from the computing device; controlling the managed cache of the customized managed container in accordance with the received set of rules propagated from the backend system; preparing, by the web client of the application gateway based on the configuration information, a build request for building the customized managed container, the build request containing build properties for building the customized managed container specific to the operating system platform, the build properties including a source code version information for the customized managed container; communicating the build request containing the source code version information to the bonding client running on the workstation in the network, the workstation specific to the operating system platform; and sending a response to the computing device; the workstation having: a processor; a non-transitory computer-readable medium; and stored instructions translatable by the processor to cause the bonding client to perform: retrieving, from a repository based on the source code version information contained in the build request, a version of application gateway client source code; placing the version of the application gateway client source code in a local cache; building the customized managed container specific to the operating system platform, the building including running an application building process that is controlled by the bonding client running on the workstation, the application building process comprising executing a plurality of build scripts in accordance with the configuration information, wherein executing the plurality of build scripts in accordance with the configuration information creates the customized managed container specific to the operating system platform from the version of the application gateway client source code in the local cache, wherein the customized managed container is built in a multi-application mode to allow an end user of the customized managed container to access multiple applications via the customized managed container; and uploading the customized managed container specific to the operating system platform to the application gateway for persisting the customized managed container specific to the operating system platform in a storage location accessible by the application gateway, wherein the response sent by the application gateway contains a link to the storage location of the customized managed container of the application gateway.
 8. The system of claim 7, wherein the stored instructions are translatable by the processor to cause the application gateway to perform: determining whether the customized managed container is to be built with custom branding assets or default image assets.
 9. The system of claim 8, wherein the custom branding assets comprise at least one of an icon, a logo, or a launch screen for an enterprise.
 10. The system of claim 7, wherein the application gateway comprises a web access service and a bonding service, wherein the user interface runs in a browser application on the computing device, the web access service providing a packager web client accessible through the browser application on the computing device, the build request prepared by the packager web client and communicated to the bonding client through the web access service and the bonding service of the application gateway.
 11. The system of claim 7, wherein the customized managed container comprises custom branding assets specific to an enterprise.
 12. The system of claim 11, wherein the customized managed container further comprises a mobile device management component specific to the enterprise.
 13. A computer program product comprising a non-transitory computer-readable medium storing instructions translatable by a system comprising a server machine having an application gateway and a workstation having a bonding client to perform: providing, a web client of the application gateway through a user interface running on a computing device communicatively connected without any firewall to the application gateway; receiving, by the web client of the application gateway from the computing device, configuration information that specifies an operating system platform and a user-selected version of a custom client application of the application gateway, the application gateway operating outside a firewall that protects a backend system, wherein the user-selected version of the custom client application thus created is a customized variation of a managed container having a managed cache for holding one or more application gateway (AG) applications received from the application gateway and configured for providing a secure shell on a user device specific to the operating system platform for securely connecting the one or more AG applications in the managed cache to the backend system through the application gateway; receiving, via the application gateway, a set of rules propagated from the backend system, the set of rules comprising: a data storage rule for controlling storage of data associated with the selected custom client application received from the computing device; a data policy rule for controlling access to the data associated with the selected custom client application received from the computing device; and an update rule for controlling update of the data associated with the selected custom client application received from the computing device; controlling the managed cache of the customized managed container in accordance with the received set of rules propagated from the backend system; preparing, by the web client of the application gateway based on the configuration information, a build request for building the customized managed container, the build request containing build properties for building the customized managed container specific to the operating system platform, the build properties including a source code version information for the customized managed container; communicating, by the application gateway, the build request containing the source code version information to the bonding client running on the workstation in the network, the workstation specific to the operating system platform; retrieving, by the bonding client from a repository based on the source code version information contained in the build request, a version of application gateway client source code; placing, by the bonding client, the version of the application gateway client source code in a local cache; building, by the bonding client, the customized managed container specific to the operating system platform, the building including running an application building process that is controlled by the bonding client running on the workstation, the application building process comprising executing a plurality of build scripts in accordance with the configuration information, wherein executing the plurality of build scripts in accordance with the configuration information creates the customized managed container specific to the operating system platform from the version of the application gateway client source code in the local cache, wherein the customized managed container is built in a multi-application mode to allow an end user of the customized managed container to access multiple applications via the customized managed container; uploading, by the bonding client, the customized managed container specific to the operating system platform to the application gateway for persisting the customized managed container specific to the operating system platform in a storage location accessible by the application gateway; and sending, by the application gateway, a response to the computing device, the response containing a link to the storage location of the customized managed container of the application gateway.
 14. The computer program product of claim 13, wherein the instructions are translatable by the processor to cause the application gateway to perform: determining whether the customized managed container is to be built with custom branding assets or default image assets, wherein the custom branding assets comprise at least one of an icon, a logo, or a launch screen for an enterprise.
 15. The computer program product of claim 13, wherein the application gateway comprises a web access service and a bonding service, wherein the user interface runs in a browser application on the computing device, the web access service providing a packager web client accessible through the browser application on the computing device, the build request prepared by the packager web client and communicated to the bonding client through the web access service and the bonding service of the application gateway.
 16. The computer program product of claim 13, wherein the customized managed container comprises custom branding assets specific to an enterprise.
 17. The computer program product of claim 16, wherein the customized managed container further comprises a mobile device management component specific to the enterprise. 